Zend_Acl An example

Zend_Acl consists of resources, privileges and roles. Resources can be anything ranging from controllers to files. Privileges are different levels of access on the resource. Roles determine who can access a resource, and with what privileges. Roles can be users, user groups or anything you wish to associate. In Zend_Acl, a role can inherit from one or more roles.
To create resources and roles, you first need to create a Zend_Acl instance as
$acl = new Zend_Acl();

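And then add roles and resources to it as follows
$acl->addRole(new Zend_Acl_Role('guest'));
$acl->addRole(new Zend_Acl_Role('editor'));
$acl->addRole(new Zend_Acl_Role('admin'));
// Resources are the controllers from the example below; the ids are the
// controller names as they appear in the request
$acl->add(new Zend_Acl_Resource('news'));
$acl->add(new Zend_Acl_Resource('latest-news'));
$acl->add(new Zend_Acl_Resource('announcements'));

Once we create roles and resources we can assign different privileges to different roles on different resources as
// A null resource means the rule applies to all resources
$acl->allow('guest', null, 'view');
$acl->allow('editor', null, array('view', 'edit'));
$acl->allow('admin');
Similarly we can use the deny() method of Zend_Acl to deny access as
$acl->deny('guest', null, array('edit', 'delete'));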

Later in our code we can check privileges as
$acl->isAllowed('guest', null, 'view');
The isAllowed() method returns a boolean value, true or false, based on the privileges.
To see how we can use the Zend_Acl component in our applications, let's take a simple example.
Suppose we have different controllers, e.g. news, latest news and announcements, each having view, edit and delete actions.
Now in Library/My/Controller/Plugin/, create Acl.php and place the following code.
<?php
class My_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
    private $_acl;

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $acl = $this->_getAcl();
        $role = $this->_getRole();
        $resource = $request->getControllerName();
        $privilege = $request->getActionName();
        // Controllers that are not registered as resources stay denied;
        // isAllowed() would throw Zend_Acl_Exception for them.
        $allowed = false;
        if ($acl->has($resource)) {
            $allowed = $acl->isAllowed($role, $resource, $privilege);
        }
        if (!$allowed) {
            $controller = 'error';
            $action = 'index';
            $redirector = new Zend_Controller_Action_Helper_Redirector();
            $redirector->gotoSimpleAndExit($action, $controller);
        }
    }

    protected function _getAcl()
    {
        if (null === $this->_acl) {
            $acl = new Zend_Acl();

            // Roles: each role inherits the rules of its parent
            $acl->addRole('guest');
            $acl->addRole('user', 'guest');
            $acl->addRole('editor', 'user');
            $acl->addRole('admin', 'user');

            // Resources: one per controller, because preDispatch() passes the
            // controller name as the resource (ids as they appear in the request)
            $acl->add(new Zend_Acl_Resource('news'));
            $acl->add(new Zend_Acl_Resource('latest-news'));
            $acl->add(new Zend_Acl_Resource('announcements'));
            $acl->add(new Zend_Acl_Resource('error'));

            // Rules: the action name is the privilege
            $acl->allow('guest', null, 'view');
            $acl->allow('editor', null, array('view', 'edit'));
            $acl->allow('admin');
            // Every role must reach the error controller, or the redirect loops
            $acl->allow(null, 'error');

            $this->_acl = $acl;
        }
        return $this->_acl;
    }

    protected function _getRole()
    {
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $identity = $auth->getIdentity();
            // Authenticated identities without an explicit role default to 'user'
            $role = empty($identity->role) ? 'user' : $identity->role;
        } else {
            $role = 'guest';
        }
        return $role;
    }
}

Explanation:

In the code above we create a plugin by extending Zend_Controller_Plugin_Abstract and overriding its preDispatch() method.

If this is the user's first attempt to access our application, we give the user the role "guest". We can set this role during authentication and give the user a specific role when he logs in.

Next we get the action name by using $request->getActionName() and assign it to $privilege.

The following line is very important. Here we check the privileges
$allowed = $acl->isAllowed($role, $resource, $privilege);

If $allowed is false, the user does not have the privileges to access the requested action.
So we redirect the user to the Error controller's index action.
If $allowed is true, the user accesses the requested controller action.
We are now nearly done. However, you still need to register the plugin.
; application/configs/application.ini
autoloaderNamespaces[] = "My_"
resources.frontController.plugins.Acl = "My_Controller_Plugin_Acl"

That is your simple role management application.
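
The following regression check is an added example, not code from the original post: it builds the guest/editor/admin rules with constructed controller names (news, announcements) as resources and verifies every role, controller and action combination, including a controller that was never registered. It assumes Zend Framework 1 is on the include path; buildAcl() and isRequestAllowed() are hypothetical helper names.

```php
<?php
// Added example (not from the original post). Assumes Zend Framework 1
// is on the include path; controller names below are constructed.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

function buildAcl()
{
    $acl = new Zend_Acl();
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('editor'), 'guest'); // inherits guest rules
    $acl->addRole(new Zend_Acl_Role('admin'), 'editor');
    foreach (array('news', 'announcements') as $controller) {
        $acl->add(new Zend_Acl_Resource($controller));
    }
    $acl->allow('guest', null, 'view');
    $acl->allow('editor', null, array('view', 'edit'));
    $acl->allow('admin');
    return $acl;
}

// Hypothetical helper: the plugin's decision, with unregistered controllers
// denied instead of letting isAllowed() throw Zend_Acl_Exception.
function isRequestAllowed(Zend_Acl $acl, $role, $controller, $action)
{
    return $acl->has($controller) && $acl->isAllowed($role, $controller, $action);
}

// Expected policy: role => actions permitted on every registered controller.
$expected = array(
    'guest'  => array('view'),
    'editor' => array('view', 'edit'),
    'admin'  => array('view', 'edit', 'delete'),
);

$acl = buildAcl();
$failures = 0;
foreach ($expected as $role => $actions) {
    foreach (array('news', 'announcements', 'unregistered') as $controller) {
        foreach (array('view', 'edit', 'delete') as $action) {
            $want = $controller !== 'unregistered' && in_array($action, $actions, true);
            if ($want !== isRequestAllowed($acl, $role, $controller, $action)) {
                $failures++;
                echo "MISMATCH: $role $controller/$action\n";
            }
        }
    }
}
echo $failures === 0 ? "ACL policy OK\n" : "$failures mismatch(es)\n";
```

Running a check like this whenever rules change catches a privilege that was widened by accident, for example through a new parent role.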


Posted by Mrityunjay Singh

Senior Web Developer

He is an experienced web developer whose main interest is the PHP domain. He has more than 5 years of experience in web technologies and has worked on some big projects based on PHP and frameworks. Connect with him via LinkedIn.
